Red Hat Customer Portal

Skip to main content

CVE-2004-1453

GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program.

Details Source

Mitre

Public Date

2004-08-17 00:00:00

Impact

Low

CVSS Status

draft

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 3 (glibc) RHSA-2005:256 2005-05-18
Red Hat Enterprise Linux 2.1 RHSA-2005:261 2005-04-28